Subject: Re: Guidelines for hardware RNG drivers in NetBSD
To: None <,>
From: Daniel Carosone <>
List: tech-security
Date: 12/06/2006 07:47:33

On Tue, Dec 05, 2006 at 01:10:47PM -0600, Travis H. wrote:
> This is great news because we can look for predictability in the
> distribution of the raw source, not after post-processing, which
> greatly simplifies the matter.  I would hope that we can get the
> data out without passing through the kernel pool, so that it could
> be graphed various ways (a picture is worth ten statistics); if
> it _must_ pass through a pool and hash function, it is much more
> difficult to look for patterns or bias or problems/failures of
> the source.

These are worthy, but competing, goals: they should be addressed
separately.  Testing and analysis of the raw data should go direct for
pretty pictures; feeding consumers should go via mixing (possibly
together with other sources) in the rnd pool.


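Added example, not part of the original message or of NetBSD's code: a small simulation of the point under discussion, showing that a bias plainly visible in a raw source disappears from view once the data has passed through a hash. The biased source, the 0.55 bit probability, and the use of SHA-256 over 64-byte blocks as a stand-in for pool mixing are all assumptions made for illustration.

```python
import hashlib
import random


def biased_source(nbytes, p_one=0.55, seed=1):
    """Constructed stand-in for a faulty hardware RNG: each bit is 1 with probability p_one."""
    rng = random.Random(seed)
    out = bytearray()
    for _ in range(nbytes):
        b = 0
        for _ in range(8):
            b = (b << 1) | (rng.random() < p_one)
        out.append(b)
    return bytes(out)


def condition(raw, block=64):
    """Hypothetical mixing step: SHA-256 of each 64-byte block (not the real rnd pool)."""
    return b"".join(hashlib.sha256(raw[i:i + block]).digest()
                    for i in range(0, len(raw), block))


def ones_fraction(data):
    """Fraction of bits set to 1; an unbiased source gives about 0.5."""
    return sum(bin(b).count("1") for b in data) / (8 * len(data))


def byte_chi_square(data):
    """Chi-square of byte values against uniform (255 degrees of freedom, mean 255)."""
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    expected = len(data) / 256
    return sum((c - expected) ** 2 / expected for c in counts)


def report(nbytes=65536):
    """Return {tap point: (ones fraction, chi-square)} for the raw and the mixed stream."""
    raw = biased_source(nbytes)
    mixed = condition(raw)
    return {name: (ones_fraction(d), byte_chi_square(d))
            for name, d in (("raw", raw), ("mixed", mixed))}


if __name__ == "__main__":
    for name, (frac, chi2) in report().items():
        print(f"{name:5s} ones={frac:.4f} chi2={chi2:.1f}")
```

The raw tap shows the skew in both statistics, while the mixed stream is statistically indistinguishable from uniform even though its input carries less entropy than its length suggests.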
